What do you and James Bond have in common? Two-Factor Authentication

Spotlight on Safe Computing

We’ve all seen the spy movies where the valuables - priceless technology of the future, million-dollar jewels, gold bricks - are hidden in a safe and to get in you must enter a password and pass a retinal scan. Movies like Mission Impossible, The Avengers, and GoldenEye are great films, but did you know that the retinal scan-password security combination they all have in common is a great example of two-factor authentication?

What is two-factor authentication?

Two-factor authentication is adding an extra layer of security to your accounts, information, or assets. It takes something you already know, such as your username and password, and combines it with something you have, such as your mobile device or landline phone, or something you are. Ethan Hunt and James Bond’s second layer of authentication is something they are, the biometric identifier of their eyes or their fingerprints, but that is far less common than adding something you have to secure your accounts. Far more people have mobile devices or landline phones than biometric scanners.

When adding an extra layer of security, you log in to access your personal or sensitive information with your regular username and password, and then take an additional step of using your phone to ensure that you and only you are accessing your information.

Two-factor authentication has been around for awhile, and chances are you have been using it without knowing exactly what it was called. Most financial institutions employ two-factor authentication, asking you to answer a phone call or receive a text in order to log into your account. Amazon and Apple have options for two-factor authentication to access your account. Even gas stations use two-factor authentication, asking you to enter your zip code before firing up the pump. It’s like having a storm door or a chain lock - it takes you multiple steps to get in.

So why is two-factor authentication important?

Many of us use simple or easy-to-remember passwords in this world where we have so many. However, simple and easy to remember is also easy to crack and leaves you vulnerable to email scams, phishing attacks, or unauthorized access to financial information.

Phishing attacks in particular are more frequent and more sophisticated than ever. These attacks may appear as legitimate emails, but are really attempts by cyber criminals to access your private information. Phishing attacks at the University doubled in number last year, and the number of accounts compromised due to these attacks have increased three-fold in this year alone. Learn how to spot a scam.

How can I protect my University information with two-factor authentication?

The University of Minnesota offers a two-factor authentication service for faculty, staff, and student workers: Duo Two-Factor protection for W-2 and Direct Deposit information. Duo is easy to use and is intended to protect your W-2 and direct deposit information, and reduce the risk of your personal data being compromised.

Opting into Duo will take just a few minutes and is a one-time process. Once you have opted in, when you attempt to view or change your University W-2 or direct deposit information, you will need to enter your University Internet ID and password, and then confirm your identity using a secondary device. Classic two-factor authentication, without the hassle of an eye or fingerprint scan.

Protecting your identity is a shared responsibility. Opting into Duo and adding an extra layer of security is an easy way to make your personal information and the University’s data more secure. When it comes to your finances and identity, more security is always worth it, isn’t it?